System parameters for security

centrexGwPwdUsername

CentrexIP. CallGuide User whose password is used to connect to gateway.

When using a Centrex PBX type to two system parameters are used to store login data towards Telia Company’s gateway, TGW. 

1. centrexGwUsername, stores the username to be used towards TGW.
2. centrexGwPwdUsername, stores the name of a CallGuide user, whose password is used as password towards TGW.

Both parameters are used to be able to handle that the username is already busy in CallGuide Server. Normally these parameters are given the same value.

centrexGwUsername

CentrexIP. Username used to connect to gateway.

enableAgentPassword

Password is required to log in to CallGuide Agent .

The parameter governs whether a password is required for logging in to CallGuide Agent or not.

Ticked = require password;
Unticked = do not require password

encryptedTcpAgent

Encrypted connection client-server installed.

This parameter indicates whether the installation requires encryption between the server and the clients. Governs encryption in CallGuide Server as well. N.B. does not regulate encryption between Application Server and client. A tick here means coding is installed, unticked means coding is not installed.

To be able to use encryption, support for encryption must be installed in CallGuide Server.

mobileLockUserAccount

Lock account on repeated login attempts with mobile login.

Indicates whether user accounts should be locked if an agent using mobile log in enters a wrong PIN code X number of times in a row. X is governed by the pwdFailuresBeforeAccountLocked system parameter.

Also see mobileLoginTimer on the System parameters for incoming call tab.

pwdCleanDays

Time to store old passwords (d).

Prevents reuse of old passwords. 0 means that old passwords are not saved when changing password.

365

pwdExpiryWarningTime

Warning password will soon expire (d).

States how many days before expiration of the password the user will give a warning about this.

This parameter should not be used if you have agents that are allowed to log in without password, i.e. with a blank password box.

21

pwdFailuresBeforeAccountLocked

No. login attempts before locking the account.

Number of allowed log in attempts with wrong password before the account is locked. 0 means unlimited number of attempts.

To lock accounts used for mobile login you set the mobileLockUserAccount parameter.

3

pwdMinCharTypes

Minimum no. character types in passwords.

Number of character types the password must contain of the possible types upper case letters, lower case letter, figures and special characters. 0 means that no consideration has to be taken to character types when checking passwords.

4

pwdMinDigits

Minimum no. digits in passwords.

The password must contain at least this number of digits. 0 means that the password does not have to contain digits.

1

pwdMinLength

Minimum length of passwords

The parameter governs the minimum length of passwords. If this parameter is set to 0 it means that blank passwords are allowed.

1

pwdMinLower

Minimum no. of lowercase letters in passwords

The password must contain at least this number of lower case letters. 0 means that the password does not have to contain lower case letters.

1

pwdMinSpecialChars

Minimum no. of special characters in passwords

The password must contain at least this number of special characters (not a letter or figure, e.g. @, %and !). 0 means that the password does not have to contain special characters.

1

pwdMinUpper

Minimum no. of uppercase letters in passwords

The password must contain at least this number of upper case letters. 0 means that the password does not have to contain upper case letters.

1

pwdValidTime

Longest time a password is valid (d).

Is used to make the user change his/her password at regular intervals. 0 means that the password validity time is unlimited.

90

ssoEnabled

SSO: Activate Single Sign On

ssoEnforced

SSO: Force login with Single Sign On

ssoIdpEndPoint

SSO: Endpoint for Identity Provider IdP

https://fs.company.se/adfs/services/trust/13/windowsmixed

ssoIdpRelyingParty

SSO: Identifier for Relying Party in IdP

Also used as Valid Issuer at validation

http://fs.callguide.telia.com/adfs/services/trust

ssoRStsEndPoint

SSO: Endpoint for Telia Relying Party Security Token Service RSTS

https://fs.callguide.telia.com/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256

ssoRStsRelyingParty

SSO: Identifier for Relying Party in RSTS

http://callguide

ssoThumbPrint

SSO: Thumbprint for validation of SAML token

systemId

System identity, separates CallGuide systems (Normally formed by the licence key).

Unique system identity for a specific CallGuide system. Must not collide with other CallGuide systems (also applies to any test systems). The system identity is used to identify a CallGuide system among various sub products.

The value is set automatically to the first eight characters from the licence key in the following situations:

When the licence is configured in a newly installed system.

When an existing system is upgraded to CallGuide 8.2

unusedAccountLockDays

Time before an unused account is locked (days)

Unused accounts are automatically locked after the specified number of days.

If the system parameter is set to 0 no accounts are locked.

If the administrator unlocks an account, previously locked for any reason, the user has to log in to the account immediately. Otherwise the account will be automatically locked again the following night.

Also seeSecurity – set password and unlock account

usernameMaxLength

Maximum username length.

Max allowed value = 16
Min allowed value = 1

(If max is set to less than min, max is considered to be equal to min.)

16